Patents by Inventor Craig D. Schmugar

Craig D. Schmugar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11941119
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.
    Type: Grant
    Filed: October 6, 2020
    Date of Patent: March 26, 2024
    Assignee: McAfee, LLC
    Inventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
  • Publication number: 20210019411
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.
    Type: Application
    Filed: October 6, 2020
    Publication date: January 21, 2021
    Applicant: McAfee, LLC
    Inventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
  • Patent number: 10831893
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.
    Type: Grant
    Filed: July 14, 2016
    Date of Patent: November 10, 2020
    Assignee: McAfee, LLC
    Inventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
  • Patent number: 10423782
    Abstract: There is disclosed in one example a computing apparatus, including: an interface to a backup source in a current state; a backup storage having stored thereon a first backup version of a previous state of the source; and a backup engine to: compute a delta between the current state and the previous state; save via the backup storage a second backup version sufficient to reconstruct the current state; and assign the second backup version a reputation relative to one or more previous backup versions.
    Type: Grant
    Filed: December 19, 2016
    Date of Patent: September 24, 2019
    Assignee: McAfee, LLC
    Inventors: Igor G. Muttik, Simon Hunt, Cedric Cochin, Craig D. Schmugar, Robert Leong, Christiaan Beek, Yury Bulygin
  • Publication number: 20180173874
    Abstract: There is disclosed in one example a computing apparatus, including: an interface to a backup source in a current state; a backup storage having stored thereon a first backup version of a previous state of the source; and a backup engine to: compute a delta between the current state and the previous state; save via the backup storage a second backup version sufficient to reconstruct the current state; and assign the second backup version a reputation relative to one or more previous backup versions.
    Type: Application
    Filed: December 19, 2016
    Publication date: June 21, 2018
    Applicant: McAfee, LLC
    Inventors: Igor G. Muttik, Simon Hunt, Cedric Cochin, Craig D. Schmugar, Robert Leong, Christiaan Beek, Yury Bulygin
  • Publication number: 20180018458
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to allow for the mitigation of ransomware. For example, the system can determine that an application begins to execute, determine that the application attempts to modify a file, determine a file type for the file, and create a security event if the application is not authorized to modify the file type. In another example, the system determines an entropy value between the file and the attempted modification of the file, and create a security event if the entropy value satisfies a threshold or determine a system entropy value that includes a rate at which other files on the system are being modified by the application, and create a security event if the system entropy value satisfies a threshold.
    Type: Application
    Filed: July 14, 2016
    Publication date: January 18, 2018
    Applicant: McAfee, Inc.
    Inventors: Craig D. Schmugar, Cedric Cochin, Andrew Furtak, Adam James Carrivick, Yury Bulygin, John J. Loucaides, Oleksander Bazhaniuk, Christiaan Beek, Carl D. Woodward, Ronald Gallella, Gregory Michael Heitzmann, Joel R. Spurlock
  • Publication number: 20170255776
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to determine a string sample of data, determine a hash of the string sample of data, automatically cluster the hash with other hashes from other string samples of data, and automatically create a signature hash string for the string sample of data.
    Type: Application
    Filed: May 22, 2017
    Publication date: September 7, 2017
    Applicant: McAfee, Inc.
    Inventors: Zheng Zhang, Craig D. Schmugar
  • Patent number: 9723006
    Abstract: There is disclosed in an example a computing apparatus, including: a process deprivilging engine operable for: recognizing that a process has an undetermined reputation; intercepting a first access request directed to a first resource; determining that the first resource is not owned by the process; and at least partially blocking access to the first resource. There is further disclosed a method of providing the process deprivileging engine, and one or more computer-readable mediums having stored thereon executable instructions for providing the process deprivileging engine.
    Type: Grant
    Filed: June 27, 2015
    Date of Patent: August 1, 2017
    Assignee: McAfee, Inc.
    Inventors: Zheng Zhang, John D. Teddy, Craig D. Schmugar, Erdem Aktas, Clint R. Merrill, Kunal Mehta
  • Patent number: 9665716
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to determine a string sample of data, determine a hash of the string sample of data, automatically cluster the hash with other hashes from other string samples of data, and automatically create a signature hash string for the string sample of data.
    Type: Grant
    Filed: December 23, 2014
    Date of Patent: May 30, 2017
    Assignee: McAfee, Inc.
    Inventors: Zheng Zhang, Craig D. Schmugar
  • Publication number: 20170061164
    Abstract: In an example, there is disclosed a system and method for a two-device scrambled display. A first device displays content in a scrambled form. A second device acts as an interpreter, including an input driver for receiving a scrambled input; an output driver for displaying an organically perceptible output; and one or more logic elements comprising a unscrambling engine operable for: receiving an input on the input driver; detecting that at least a portion of the input is scrambled; unscrambling the scrambled portion of the input; and outputting an unscrambled analog of the scrambled input via the output driver.
    Type: Application
    Filed: June 27, 2015
    Publication date: March 2, 2017
    Applicant: McAfee, Inc.
    Inventors: Craig D. Schmugar, Clint R. Merrill, Erdem Aktas, James Bean, Cedric Cochin, John D. Teddy
  • Publication number: 20160381024
    Abstract: There is disclosed in an example a computing apparatus, including: a process deprivilging engine operable for: recognizing that a process has an undetermined reputation; intercepting a first access request directed to a first resource;determining that the first resource is not owned by the process; and at least partially blocking access to the first resource. There is further disclosed a method of providing the process deprivileging engine, and one or more computer-readable mediums having stored thereon executable instructions for providing the process deprivileging engine.
    Type: Application
    Filed: June 27, 2015
    Publication date: December 29, 2016
    Inventors: Zheng Zhang, John D. Teddy, Craig D. Schmugar, Erdem Aktas, Clint R. Merrill, Kunal Mehta
  • Publication number: 20160180088
    Abstract: Particular embodiments described herein provide for an electronic device that can be configured to determine a string sample of data, determine a hash of the string sample of data, automatically cluster the hash with other hashes from other string samples of data, and automatically create a signature hash string for the string sample of data.
    Type: Application
    Filed: December 23, 2014
    Publication date: June 23, 2016
    Inventors: Zheng Zhang, Craig D. Schmugar
  • Publication number: 20160180087
    Abstract: Provided in some embodiments are systems and methods for remediating malware. Embodiments include receiving (from a process) a request to access data, determining that the process is an unknown process, providing the process with access to one or more data tokens in response to determining that the process is an unknown process, determining whether the process is engaging in suspicious activity with the one or more data tokens, and inhibiting execution of the process in response to determining that the process is engaging in suspicious activity with the one or more data tokens.
    Type: Application
    Filed: December 23, 2014
    Publication date: June 23, 2016
    Inventors: Jonathan L. Edwards, Joel R. Spurlock, Aditya Kapoor, James Bean, Cedric Cochin, Craig D. Schmugar
  • Publication number: 20160117497
    Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.
    Type: Application
    Filed: October 25, 2014
    Publication date: April 28, 2016
    Inventors: Paritosh Saxena, Adrian M.M.T. Dunbar, Michael S. Hughes, John Teddy, David Michael Durham, Balaji Vembu, Prashant Dewan, Debra Cablao, Nicholas D. Triantafillou, Craig D. Schmugar, Jason M. Surprise
  • Publication number: 20160117498
    Abstract: Computing platform security methods and apparatus are disclosed. An example apparatus includes a security application to configure a security task, the security task to detect a malicious element on a computing platform, the computing platform including a central processing unit and a graphics processing unit; and an offloader to determine whether the central processing unit or the graphics processing unit is to execute the security task; and when the graphics processing unit is to execute the security task, offload the security task to the graphics processing unit for execution.
    Type: Application
    Filed: October 25, 2014
    Publication date: April 28, 2016
    Inventors: Paritosh Saxena, Adrian M.M.T. Dunbar, Michael S. Hughes, John Teddy, David Michael Durham, Balaji Vembu, Prashant Dewan, Debra Cablao, Nicholas D. Triantafillou, Craig D. Schmugar, Jason M. Surprise
  • Patent number: 8392994
    Abstract: A system, method and computer program product are provided for detecting unwanted data. A scan for unwanted data is performed to generate results of the scan. A context of the scan is then identified. Further, the presence of unwanted data is conditionally indicated based on both the results of the scan and the context of the scan.
    Type: Grant
    Filed: March 28, 2011
    Date of Patent: March 5, 2013
    Assignee: McAfee, Inc.
    Inventors: Joel Robert Spurlock, Craig D. Schmugar, Fraser Peter Howard
  • Publication number: 20110179491
    Abstract: A system, method and computer program product are provided for detecting unwanted data. A scan for unwanted data is performed to generate results of the scan. A context of the scan is then identified. Further, the presence of unwanted data is conditionally indicated based on both the results of the scan and the context of the scan.
    Type: Application
    Filed: March 28, 2011
    Publication date: July 21, 2011
    Inventors: Joel Robert Spurlock, Craig D. Schmugar, Fraser Peter Howard
  • Patent number: 7917955
    Abstract: A system, method and computer program product are provided for detecting unwanted data. A scan for unwanted data is performed to generate results of the scan. A context of the scan is then identified. Further, the presence of unwanted data is conditionally indicated based on both the results of the scan and the context of the scan.
    Type: Grant
    Filed: January 14, 2005
    Date of Patent: March 29, 2011
    Assignee: McAfee, Inc.
    Inventors: Joel Robert Spurlock, Craig D. Schmugar, Fraser Peter Howard
  • Patent number: 6785820
    Abstract: A system, method and computer program product are provided for updating security software on a client. Initially, a parameter indicating a difference between a security update file and a previous security update file is identified. Next, a security program is conditionally updated with the security update file based on the parameter.
    Type: Grant
    Filed: April 2, 2002
    Date of Patent: August 31, 2004
    Assignee: Networks Associates Technology, Inc.
    Inventors: Igor G. Muttik, Vincent P. Gulletten, Craig D. Schmugar